In historical times, the primary means of controlling access to valuables or information was physical isolation. Such isolation was a side-effect of the need for the rich and powerful to protect themselves against opposing forces in society, and was typically enforced by some combination of locked vaults, secret rooms, inaccessible buildings, and personal guards. This is similar in concept to Fort Knoxxe2x80x94dig a large hole, put a huge vault in it, and assign an army to prevent access. In such situations, it is extremely difficult for anyone not otherwise approved for access to threaten the protected assets.
There have evolved categories of valuable assets which cannot always receive appropriate protection using the traditional technique of exclusion. Many technological assets are not particularly valuable unless they are used in a semi-public or public setting. Some assets are so important that, in addition to physical security, simple use of the asset after gaining physical possession must be authorized by a second party. An example might be the portable computer of a top executive, whose company might lose enormous sums of money if the information within could be accessed easily given only physical possession of the equipment. Typical means of control in this type of situation include passwords to penetrate firewalls, encryption of data files, and hidden means of rendering the unit inoperable, such as a device to prevent communication from the keyboard to the main computer.
Other assets gain their value by providing a service to a more-or-less general populace. A common example is the automatic teller machines which are currently taking over many of the functions of a physical banking establishment. Security for such machines exists on several levels, the most obvious being their construction as a rather strong vault. Access by the general public requires a scannable identification card and a simple password. Such a poor level of security is often bypassed, and is found acceptable only owing to limits placed on fund withdrawal and the societal structures which reimburse victims of credit card or bank theft from major loss.
More importantly, however, is that personnel who maintain and service such machines must have a far greater access to the essential functions of the machinexe2x80x94up to and including the ability to issue as much currency as desired. On-site repair of these machines requires the ability to control all of their physical functions. Such control is supposed to be restricted to situations where a technician and a security guard are both in attendance. Clearly, unauthorized access to these repair functions is most undesirable. However, the usual means of access control for such systems is usually a simple password system, perhaps in combination with an electronic release system activated by a central office. However, since both these means are ultimately expressed in software, it is possible for a skilled perpetrator to break into such systems without great difficulty.
Similar threats exist to a wide variety of computer-based assets. Especially with the advent of the Internet, it has become commonplace for malefactors to break past many layers of computer-based security, even to the extent of acquiring the contents of classified files from government installations. Such feats persist despite the use of complex firewall security means.
One reason that many current techniques for access control are vulnerable to external attack is that their key functionality is implemented as computer software. Even when protected firewalls are implemented with separate computer systems connected by a communication system which can be physically cut off, control of that process is a software function. As a result, flaws in the software system can often be exploited in order to compromise system security.
There seems little question at this point that current approaches toward security and access control for computer-based systems and highly-valuable or dangerous assets are inadequate, with the most amazing security systems being overthrown routinely. The inadequacy of current security and access control is becoming more crucial as e.g., electronic cash systems and net access to private and public database systems expands.
Accordingly, there is a need for a simple, robust, and inexpensive approach toward providing greatly improved security against unauthorized access to protected assets while allowing easy access for authorized users. A further aspect is that some aspect of a new approach toward security should be implemented physically, that is, not as a software program. This would greatly increase the difficulty of breaking into the system through flawed software. An additional aspect is that the new approach should be resistant to physical assault, so that physical destruction of a key component does not lead to unauthorized access. Finally, in order to be adopted for general use, the new approach must be inexpensive to integrate with computer-based systems, and must function rapidly and reliably therein.
The present invention relates to a new class of mechanical code comparators having broad potential for application in safety, surety, and security applications. These devices can be implemented as micro-scale electro-mechanical systems that isolate a secure or otherwise controlled device until an access code is entered. This access code is converted into a series of mechanical inputs to the mechanical code comparator, which compares the access code to a pre-input combination, entered previously into the mechanical code comparator by an operator at the system security control point. The mechanical code comparator can be designed so that the pre-input combination is lost in the process of comparison with the access code. When this happens, a new combination must be input by the control operator before anyone can access the protected system. In another implementation, the mechanical code comparator can be limited to a single attempt to access the system from the public side.
Being totally mechanical in operation, such mechanical code comparators are impossible to circumvent through software alone. These devices can be designed to function by using simple digital electrical pulses to drive microelectromechanical actuators. These devices can be implemented in micromachined silicon, a material particularly suited because of its large strength and the vast knowledge extant in the art of how to form small silicon-based structures using lithography.